<?php
session_start(); //开启会话
//先判断是否登录，本页面只有登录后才能访问
header('content-type:text/html;charset=utf-8');
if (!isset($_SESSION['loggedUsername']) or !$_SESSION['loggedUsername']) {  //说明未登录
    echo "<script>alert('本页面需要登录后才能访问，请登录！');location.href='login.html';</script>";
    exit;
}
//读取用户在前端输入的各项数值
$code = $_POST['code'];
if(strtolower($code) <> strtolower($_SESSION["captcha"])){  //说明验证码错误
    echo "<script>alert('验证码错误！');history.back();</script>";
    exit;
}
//
$pw = $_POST['pw'];
$username = $_POST['u1'];
//完成数据更新
include_once "conn.php";
//先判断用户是否上传头像

if($pw){ //说明要更新密码
    //$sql = "update userinfo set pw = '".md5($pw)."',sex = '$sex',
    //age = '$age',email = '$email',fav = '$fav' where username = '". $_SESSION['loggedUsername']."'";
    $sql = "update userinfo set pw = '".md5($pw)."'";
    $sql .=" where username = '". $_SESSION['loggedUsername']."'";
    $result = mysqli_query($conn,$sql);
    if($result){ //说明执行成功
        echo "<script>alert('资料修改成功！');location.href='index.php';</script>";
    }
    else{
        echo "<script>alert('资料修改失败！');history.back();</script>";
    }
}
else{
    echo "<script>location.href='index.php';</script>";
}
?>